Between booking yurts on Airbnb through an iPhone to tracking traffic in real-time on Waze, mobile apps have completely changed the way we travel.
A broad range of apps offering services from searching to booking on-the-go provides unparalleled convenience, especially as companies integrate their services so travelers can jump directly from a United app to an Uber reservation or book Airbnb listings directly through Concur’s mobile app.
However, consumers are also providing more data to these services than ever before and it’s never been more at risk as these companies integrate their services and share our personal information to both improve their own services and prove their value to one another.
For example, just this Friday Uber belatedly revealed that personal information from approximately 50,000 of its drivers had been stolen in 2014.
The most recent partnership to simultaneously benefit frequent travelers and the companies sharing their information came last week with the newly announced partnership between Uber and Starwood Hotels & Resorts.
The terms of the agreement highlight the typical trade off users make between personal information and ease of use.
In addition to basic information including users’ full names, emails, and Uber avatar, SPG is gaining access to all of their pickup and drop-off locations and times, fare amounts, distances traveled and Uber products used.
Uber users have to agree to the data share before signing up for the points program, which is similar to its existing partnership with American Express. Starwood also has similar partnerships and shares similar data with Delta Air Lines and Emirates Airline.
Although user data is often anonymized and aggregated before sharing, Starwood’s and Uber’s linked accounts are guest specific.
“From an account management point of view, knowing guests’ pickup and drop-off locations helps us verify account accuracy,” says a Starwood spokesperson.
“This is very similar to when a member contacts us about a missing stay. This data gives us the information we need to accurately reflect the a member’s earn activity.”
The Depth of Data Collected
This kind of data sharing is more common and is more detailed that most consumers realize.
There is, of course, the general information that all users knowingly hand over to companies from Uber to TripAdvisor including usernames, passwords, emails, profile photos, and content posted to each site.
Then there is a second layer of information, collected through a variety of means, that consumers are less aware that they are providing.
Just some of the information collected by apps such as Uber, Instagram, Airbnb, Waze, and TripAdvisor includes cookies, log files on websites that users visit, device identifiers, and location data collected from geotags. Information can be collected either directly from users, through social media sites and third-parties that the company works or partners with, or from users’ mobile devices.
For location dependent products such as Waze, data collection includes users’ location, route information, and a detailed history of all journeys made while using the app. But the data collection is not exclusively limited to when the user is actively using the app. This behavior has continued as Waze has been integrated into the Google Maps app.
Such information is associated directly with users’ accounts and held by Waze for a limited period of time in order for Waze to, for example, provide navigation services, improve the user experience, send users’ updates and display advertising.
Location and route information is then anonymized, aggregated or deleted. The remaining data, which can’t be used to enable the identification of specific users, is then shared with other users, service providers, and third parties such as advertisers.
How The Data Is Used
Information tied to a specific user as well as anonymized data is leveraged by service providers both to improve the user experience and to work with third-party providers and partners.
“Each time you log on to a social networking site or use a free online service like Facebook, you’re opting in to having your every move documented just by using the service,” read a recent BBC article on smartphone privacy.
“Unfortunately, having access to these conveniences can leave a very detailed data trail behind you, which can easily be pieced together to form a narrative about you and your identity.”
“We know that users are searching across different devices so whatever device they are searching from if they’re logged in, with their cookies, we are going to track those searches,” says Khosrowshahi.
“If you are on your phone and get interrupted and then go to a PC, you can see those searches.”
Sharing information with advertisers and partners also, ideally, brings value to the user through relevant ads and cross-platform sharing.
For example, Instagram shares users’ information, the kinds which they are least aware is being tracked, with Facebook, service providers, and advertising partners.
TripAdvisor shares users’ information with travel suppliers such as hotels and airlines, third-party vendors, business partners, referring websites, social media services, and companies within the TripAdvisor Media Group.
Users are increasingly becoming aware of the privacy risks involved in searching to shopping online or through a mobile app.
According to a 2013 Pew Research Center survey of 792 Internet and smartphone users, 86 percent of Americans have started to mask their digital footprints either through clearing cookies and browser history, deleting a social media post, or using a temporary username or email address.